bcgov
Create UI - Validations not triggering while uploading any file formats in Continuation Authorization component.
Describe the bug in the current situation In the Continuation In Authorization Component, the user can enter any sort of attachment including the PDF and all the other validations like size, encryption, and lock triggers except that the component isn't checking if it's a PDF.
Steps to reproduce the behavior:
- Go to 'https://dev.create.business.bcregistry.gov.bc.ca/'
- Start a Continuation In Filing
- In the Upload Affidavit enter a CSV file by changing the PDF default on the machine window to "All Files"
- Upload a CSV file
- Notice the component says File Uploaded.
Screenshots/ Visual Reference/ Source
@yuisotozaki @OlgaPotiagalova
Riyaz changed the extension of a PDF to CSV and then tried to upload it, which succeeded. (It is, after all, a valid PDF file.) Riyaz expects that this file would not be uploaded because the extension is incorrect. (The flip side of this is renaming a CSV to a PDF and expecting it to upload, but we do check the file structure.)
So what do you think -- should we validate the file extension? I'm thinking yes, to avoid downstream confusion if we look at the file in Minio or ledger.
I'm also thinking this is a P3, though we are currently working on file uploads so it might make sense to fix this now anyway.
I believe that we should do both : Step 1. Extension validation to prevent users from uploading files with incorrect extension Step 2. Structure validation to prevent users from bypassing the extension check by renaming the file
Agreed with above. The error message can be: Error 1: "This is not an acceptable file format" Error 2: "The file must have the .pdf extension"
If the uploaded file fail both validation, use error 1 message as that's a bigger issue than the file extension.
This is implemented in #21248 (which is still in progress right now).